In comp.os.linux.development.system shimp <example@nobody.com> wrote:

| It has been known from the beginning that DRAM holds its state a while
| after power is removed. Thats how it works. There is a circuit that
| refreshes it every X milliseconds. But it is a big big surprise, at
| least to me, that data can recovered up to 10 minutes afterwards!!?
|
| The only real world ramification I can see is that you should completely
| powerdown your laptop 10 mins before going through a security
| checkpoint. Or unmount crypt stuff and do a memory wipe.

So add a RAM wipe right at the end of the halt sequence (in addition to
other security measures like storing keys in unused corners of video
card SRAM).


| As far as servers sitting alone somewhere, or other scenarios.. if
| someone has physical access to a machine there are all kinds of tricks
| they can use. I think you need to implement intrusion detection as
| another poster said, and rigged to explosives for self destruct. ;)

That, too.

How about a low bandwidth LAN over the power lines via tap in the PSU.
Each node can cryptographically authenticate itself. If a configured
set of required nodes can no longer be reached, memory gets wiped on
certain machines with critical data.

--
|---------------------------------------/----------------------------------|
| Phil Howard KA9WGN (ka9wgn.ham.org) / Do not send to the address below |
| first name lower case at ipal.net / spamtrap-2008-02-26-2351@ipal.net |
|------------------------------------/-------------------------------------|